CSO Online

ClickFix techniques evolve in new infostealer campaigns

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.
The Hacker News

Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware

China-linked CL-STA-1087 targets Southeast Asian militaries since 2020 using AppleChris and MemFun for espionage and credential theft.
Security Boulevard

Hacked sites deliver Vidar infostealer to Windows users

We found fake “verify you are human” pages on hacked WordPress sites that trick Windows users into installing the Vidar ...
Security Boulevard

How searching for a VPN could mean handing over your work login details

What looks like a legit VPN download could be a trap, as SEO poisoning is being used to steal corporate logins.
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...
WinBuzzer

Xbox One Hacked After 12 Years Via Voltage Glitch Exploit

A researcher has cracked the Xbox One's 12-year security record using Bliss, a voltage glitching exploit targeting an unpatchable boot ROM vulnerability.